119HTABLE_DECLARE_WITH(auth_htable, aht,
auth_passwd_t, usize_t,
unsigned);
192#define AUTH_PLUGIN(am) (auth_plugin_t *)((am) + 1)
264 void *hmac,
size_t size);
Functions common for client/server.
Datatypes and functions for Digest authentication.
Authentication verification interface.
struct auth_uplugin_t auth_uplugin_t
Opaque authentication operation data used by plugin module.
Definition auth_module.h:73
struct auth_scheme const auth_scheme_t
Virtual table for authentication plugin.
Definition auth_module.h:66
void auth_method_digest(auth_mod_t *am, auth_status_t *as, msg_auth_t *au, auth_challenger_t const *ach)
Authenticate a request with Digest authentication scheme.
Definition auth_module.c:634
void auth_md5_hmac_init(auth_mod_t *am, su_md5_t *md5)
Init md5 for MD5-based HMAC.
Definition auth_module.c:1488
void auth_method_basic(auth_mod_t *am, auth_status_t *as, msg_auth_t *auth, auth_challenger_t const *ach)
Basic scheme.
Definition auth_module.c:517
int auth_allow_check(auth_mod_t *am, auth_status_t *as)
Check if request method is on always-allowed list.
Definition auth_module.c:1224
isize_t auth_generate_digest_nonce(auth_mod_t *am, char buffer[], size_t buffer_len, int nextnonce, msg_time_t now)
Generate nonce parameter.
Definition auth_module.c:1372
msg_auth_t * auth_digest_credentials(msg_auth_t *auth, char const *realm, char const *opaque)
Digest scheme.
Definition auth_module.c:1287
void auth_challenge_basic(auth_mod_t *am, auth_status_t *as, auth_challenger_t const *ach)
Construct a challenge header for Basic authentication scheme.
Definition auth_module.c:578
void auth_destroy_default(auth_mod_t *am)
Default destroy method.
Definition auth_module.c:269
auth_passwd_t * auth_mod_getpass(auth_mod_t *am, char const *user, char const *realm)
Get an passwd entry for user.
Definition auth_module.c:841
int auth_validate_digest_nonce(auth_mod_t *am, auth_status_t *as, auth_response_t *ar, msg_time_t now)
Validate nonce parameter.
Definition auth_module.c:1403
int auth_readdb(auth_mod_t *am)
Read authentication database.
Definition auth_module.c:927
void auth_info_digest(auth_mod_t *am, auth_status_t *as, auth_challenger_t const *ach)
Construct a info header for Digest authentication scheme.
Definition auth_module.c:816
int auth_readdb_if_needed(auth_mod_t *am)
Read authentication database only when needed.
Definition auth_module.c:933
auth_passwd_t * auth_mod_addpass(auth_mod_t *am, char const *user, char const *realm)
Add a password entry.
Definition auth_module.c:869
void auth_check_digest(auth_mod_t *am, auth_status_t *as, auth_response_t *ar, auth_challenger_t const *ach)
Verify digest authentication.
Definition auth_module.c:667
void auth_challenge_digest(auth_mod_t *am, auth_status_t *as, auth_challenger_t const *ach)
Construct a challenge header for Digest authentication scheme.
Definition auth_module.c:773
int auth_init_default(auth_mod_t *am, auth_scheme_t *base, su_root_t *root, tag_type_t tag, tag_value_t value,...)
Initialize an authentication module instance.
Definition auth_module.c:125
void auth_cancel_default(auth_mod_t *am, auth_status_t *as)
Default cancel method.
Definition auth_module.c:475
msg_auth_t * auth_mod_credentials(msg_auth_t *auth, char const *scheme, char const *realm)
Find a credential header with matching scheme and realm.
Definition auth_module.c:1246
auth_mod_t * auth_mod_alloc(auth_scheme_t *scheme, tag_type_t, tag_value_t,...)
Allocate an authentication module instance.
Definition auth_module.c:92
Authentication challenge.
Definition auth_module.h:150
Common data for authentication module.
Definition auth_plugin.h:125
su_md5_t am_hmac_opad
MD5 with outer pad.
Definition auth_plugin.h:166
su_md5_t am_hmac_ipad
MD5 with inner pad.
Definition auth_plugin.h:165
unsigned am_max_ncount
If nonzero, challenge with new nonce after ncount.
Definition auth_plugin.h:168
unsigned am_mutual
Mutual authentication.
Definition auth_plugin.h:157
unsigned am_challenge
Challenge even if successful.
Definition auth_plugin.h:155
unsigned am_anonymous
Allow anonymous access.
Definition auth_plugin.h:154
unsigned am_fake
Fake authentication.
Definition auth_plugin.h:158
unsigned am_forbidden
Respond with 403 if bad credentials.
Definition auth_plugin.h:153
unsigned am_nextnonce
Send next nonce in responses.
Definition auth_plugin.h:156
auth_htable_t am_users[1]
Table of users.
Definition auth_plugin.h:132
msg_param_t am_algorithm
Defauilt algorithm.
Definition auth_plugin.h:148
char const * am_db
User database file name.
Definition auth_plugin.h:130
char const * am_targetname
NTLM target name.
Definition auth_plugin.h:145
uint8_t am_master_key[16]
Private master key.
Definition auth_plugin.h:163
auth_passwd_t * am_anon_user
Special entry for anonymous user.
Definition auth_plugin.h:138
unsigned _am_refcount
Not used.
Definition auth_plugin.h:127
unsigned am_next_exp
Next nonce lifetime.
Definition auth_plugin.h:151
char const * am_opaque
Opaque identification data.
Definition auth_plugin.h:143
struct stat * am_stat
State of user file when read.
Definition auth_plugin.h:131
url_t * am_remote
Remote authenticator.
Definition auth_plugin.h:141
void * am_buffer
Buffer for database.
Definition auth_plugin.h:134
char const ** am_allow
Methods to allow without authentication.
Definition auth_plugin.h:147
auth_passwd_t * am_locals
Entries from local user file.
Definition auth_plugin.h:135
auth_scheme_t * am_scheme
Authentication scheme (Digest, Basic).
Definition auth_plugin.h:146
char const * am_realm
Our realm.
Definition auth_plugin.h:142
size_t am_local_count
Number of entries from local user file.
Definition auth_plugin.h:136
unsigned am_expires
Nonce lifetime.
Definition auth_plugin.h:150
unsigned am_blacklist
Extra delay if bad credentials.
Definition auth_plugin.h:152
unsigned am_count
Nonce counter.
Definition auth_plugin.h:161
char const * am_gssapi_data
NTLM data.
Definition auth_plugin.h:144
msg_param_t am_qop
Default qop (quality-of-protection)
Definition auth_plugin.h:149
User data structure.
Definition auth_plugin.h:106
void const * apw_type
Magic identifier.
Definition auth_plugin.h:108
char const * apw_realm
Realm.
Definition auth_plugin.h:111
unsigned apw_index
Key to hash table.
Definition auth_plugin.h:107
auth_uplugin_t * apw_extended
Method-specific extension.
Definition auth_plugin.h:115
char const * apw_hash
MD5 of the username, realm and pass.
Definition auth_plugin.h:113
char const * apw_ident
Identity information.
Definition auth_plugin.h:114
char const * apw_user
Username.
Definition auth_plugin.h:110
char const * apw_pass
Password.
Definition auth_plugin.h:112
Digest parameters for digest-response in Authorize.
Definition auth_digest.h:117
Authentication scheme.
Definition auth_plugin.h:66
void(* asch_destroy)(auth_mod_t *am)
Reclaim resources an authentication module.
Definition auth_plugin.h:100
void(* asch_challenge)(auth_mod_t *am, auth_status_t *as, auth_challenger_t const *ch)
Create a challenge.
Definition auth_plugin.h:86
void(* asch_cancel)(auth_mod_t *am, auth_status_t *as)
Cancel an asynchronous authentication request.
Definition auth_plugin.h:93
char const * asch_method
Name.
Definition auth_plugin.h:68
int(* asch_init)(auth_mod_t *am, auth_scheme_t *base, su_root_t *root, tag_type_t tag, tag_value_t value,...)
Initialize module.
Definition auth_plugin.h:74
void(* asch_check)(auth_mod_t *am, auth_status_t *as, msg_auth_t *auth, auth_challenger_t const *ch)
Check authentication.
Definition auth_plugin.h:80
usize_t asch_size
Size of module object.
Definition auth_plugin.h:71
Authentication operation result.
Definition auth_module.h:97
struct tag_type_s const * tag_type_t
struct su_root_t su_root_t